talking-head-production

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill documentation instructs the user to run the command curl -fsSL https://cli.inference.sh | sh. This is a piped remote execution pattern that allows an external website to execute arbitrary commands on the host system. The source domain inference.sh is not a trusted source according to the established security criteria.
  • EXTERNAL_DOWNLOADS (HIGH): The skill relies on an external binary (infsh) downloaded from an unverified third-party domain. Although the text mentions SHA-256 verification, the initial bootstrap script itself is untrusted.
  • COMMAND_EXECUTION (MEDIUM): The skill defines Bash(infsh *) as an allowed tool, enabling the agent to execute shell commands via the potentially compromised CLI tool.
  • PROMPT_INJECTION (LOW): The skill processes external data via the --input flag in CLI commands. Evidence:
    1. Ingestion points: infsh app run command inputs.
    2. Boundary markers: Absent.
    3. Capability inventory: Bash tool access.
    4. Sanitization: None documented in the skill instructions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 19, 2026, 07:36 PM